User Authentication Based on
Representative Users
Saddamhusain Hadimani
01FM15ECS030
1
Authentication
2
Types Of Authentication
3
Behavioral Biometric
Authentication System
4
Keystroke Biometrics
♦ A keystroke dynamic is based on the assumption that
each person has a unique keystroke rhythm.
♦ KBBASs can be distinguished according to training data
they use: 1.Static(Fixed) Text
2.NonStatic(Free) Text
♦ Biometric classification accuracy measures
1) FRR - False Rejection Rate (ii)
2) FAR - False Acceptance Rate (iii)
3) EER -Equal Error Rate FRR = FAR
4) TPR-True Positive Rate (i)
5) AUC-Area Under The Curve FAR=TPR
5
Proposed Algorithms
♦Inner-Cluster Nearest-Neighbor Approach
Structure Of feature
6
Methodology Flowchart
7
Some Opportunities:
♦ Login information
Computer
Cell phones
Automated Teller Machine
Digital electronic security keypad at a
building entrance
♦ Continuous authentication
Online examination
8
Advantages of keystroke dynamics
♦ Software Only method. (No
Additional Hardware except a
Keyboard)
♦ Simple To Deploy and Use (username
& passwords) – Universally accepted
♦ Cost Effective
♦ No End-User Training
♦ It provides a simple natural way for
increased computer security
♦ Can be used over the internet
9
Keystroke drawbacks:
♦ User’s susceptibility to fatigue
♦ Dynamic change in typing patterns
♦ Injury, skill of the user
♦ Change of keyboard hardware.
10
Keystroke Challenges
♦ Which methods have lower error rate?
♦ Error rate comparison is difficult
♦ Work with very short sample texts
♦ Requires adaptive learning
11
Conclusions
♦ Combined features of maximum pressure
with latency  effective way to verify
authorized user
♦ It seems promising , still needs more efforts
specially for identification
Iris scanners provide the lowest total error rate -
on the order of 10-6
in many cases
Even fingerprints provide an error rate on the
order of 10-2
12
Future work
♦ Using longer fixed texts
♦ Combining many features
increase the accuracy of keystroke analysis
♦ Find the most efficient features
♦ Adding mouse dynamic
Helpful for identification
♦ Including Special characters
♦ Future research to reduce FAR & FRR
13
References
♦ Alon Schclar, Lior Rokach, Adi Abramson, and Yuval Elovici,” User Authentication
Based on Representative Users”, IEEE Transactions On Systems, Man, And Cybernetics
—part C: Applications And Reviews, Vol. 42, No. 6, November 2012
♦ J. Bechtel, “Passphrase authentication based on typing style through an ART 2 Neural
network,” IJCIA Vol. 2, No. 2 (2002) pp 1 –22.
♦ A. Peacock, “Typing Patters: A Key to User Identification,” IEEE Security and Privacy,
September / October 2004, pp 40- 47.
♦ L. Araujo, “User Authentication Through Typing Biometrics Features,” IEEE
Transactions on Signal Processing, Vol. 53, No. 2, February 2005.
♦ A. Guven, “Understanding users’ keystroke patters for computer access security,”
Computers & Security, Vol. 22, No. 8, 2003, pp 695-706.
♦ F. Monrose “Keystroke dynamics as a biometric for authentication,” Future Generation
Computer Systems, Vol. 16, 2000, pp. 351-359.
♦ M. Obiadat, “An On-Line Neural Network System for Computer Access Security,” IEEE
Transactions On Industrial Electronics, Vol. 40, No. 2, April 1993, pp. 235-242.
14
THANK YOUTHANK YOU
15

User Authentication Based on Representative Users

  • 1.
    User Authentication Basedon Representative Users Saddamhusain Hadimani 01FM15ECS030 1
  • 2.
  • 3.
  • 4.
  • 5.
    Keystroke Biometrics ♦ Akeystroke dynamic is based on the assumption that each person has a unique keystroke rhythm. ♦ KBBASs can be distinguished according to training data they use: 1.Static(Fixed) Text 2.NonStatic(Free) Text ♦ Biometric classification accuracy measures 1) FRR - False Rejection Rate (ii) 2) FAR - False Acceptance Rate (iii) 3) EER -Equal Error Rate FRR = FAR 4) TPR-True Positive Rate (i) 5) AUC-Area Under The Curve FAR=TPR 5
  • 6.
  • 7.
  • 8.
    Some Opportunities: ♦ Logininformation Computer Cell phones Automated Teller Machine Digital electronic security keypad at a building entrance ♦ Continuous authentication Online examination 8
  • 9.
    Advantages of keystrokedynamics ♦ Software Only method. (No Additional Hardware except a Keyboard) ♦ Simple To Deploy and Use (username & passwords) – Universally accepted ♦ Cost Effective ♦ No End-User Training ♦ It provides a simple natural way for increased computer security ♦ Can be used over the internet 9
  • 10.
    Keystroke drawbacks: ♦ User’ssusceptibility to fatigue ♦ Dynamic change in typing patterns ♦ Injury, skill of the user ♦ Change of keyboard hardware. 10
  • 11.
    Keystroke Challenges ♦ Whichmethods have lower error rate? ♦ Error rate comparison is difficult ♦ Work with very short sample texts ♦ Requires adaptive learning 11
  • 12.
    Conclusions ♦ Combined featuresof maximum pressure with latency  effective way to verify authorized user ♦ It seems promising , still needs more efforts specially for identification Iris scanners provide the lowest total error rate - on the order of 10-6 in many cases Even fingerprints provide an error rate on the order of 10-2 12
  • 13.
    Future work ♦ Usinglonger fixed texts ♦ Combining many features increase the accuracy of keystroke analysis ♦ Find the most efficient features ♦ Adding mouse dynamic Helpful for identification ♦ Including Special characters ♦ Future research to reduce FAR & FRR 13
  • 14.
    References ♦ Alon Schclar,Lior Rokach, Adi Abramson, and Yuval Elovici,” User Authentication Based on Representative Users”, IEEE Transactions On Systems, Man, And Cybernetics —part C: Applications And Reviews, Vol. 42, No. 6, November 2012 ♦ J. Bechtel, “Passphrase authentication based on typing style through an ART 2 Neural network,” IJCIA Vol. 2, No. 2 (2002) pp 1 –22. ♦ A. Peacock, “Typing Patters: A Key to User Identification,” IEEE Security and Privacy, September / October 2004, pp 40- 47. ♦ L. Araujo, “User Authentication Through Typing Biometrics Features,” IEEE Transactions on Signal Processing, Vol. 53, No. 2, February 2005. ♦ A. Guven, “Understanding users’ keystroke patters for computer access security,” Computers & Security, Vol. 22, No. 8, 2003, pp 695-706. ♦ F. Monrose “Keystroke dynamics as a biometric for authentication,” Future Generation Computer Systems, Vol. 16, 2000, pp. 351-359. ♦ M. Obiadat, “An On-Line Neural Network System for Computer Access Security,” IEEE Transactions On Industrial Electronics, Vol. 40, No. 2, April 1993, pp. 235-242. 14
  • 15.

Editor's Notes

  • #10 Unobtrusive: More convenient than physiological methods the features can be collected without the need for special hardware Unobtrusive: low level of detraction from the regular computer work (keystroke patterns have a direct relationship with the specific input device through which authentication takes place while in other behavioral biometric method the target device differs from one with which the user is verified) User/pass: Password authentication is an inexpensive and familiar paradigm that most operating systems support. Increased security: In systems that implement keystroke patterns as part of their authentication mechanisms, the login process requires not only the correct username and password, but also matching specific keystroke patterns that have been identified and stored for that individual. Such a mechanism could increase the difficulty of intruders being authenticated, as the unique typing pattern would be very difficult to reproduce. --keystroke dynamics for verification is a 2-factor authentication mechanism: even if the password is stolen the keystroke pattern still has to match with the stored profile
  • #11 Change of keyboard hardware using another workstation with different keyboard. Unlike other physiological biometrics such as fingerprints, retinas, and facial features, all of which remain fairly consistent over long periods of time, typing patterns can be rather erratic. Even though any biometric can change over time, typing patterns have smaller time scale for changes. Not only the typing patterns is inconsistent when compared to other biometrics, a person’s hands can also get tired or sweaty after prolonged periods of typing. This often results in major pattern differences over the course of a day.
  • #12 1. Lack of a shared set of standards for data collection, benchmarking, and measurement have prevented, to some degree, any growth from collaboration and independent confirmation of techniques. 2. it is cognizant that there is a lack of uniformity in how methods are evaluated and, so, it is imprudent to explicitly declare which methods indeed have the lowest error rates. 3. Though the error rates are reported for each method when available, tests are often done on different test subjects, feature set and classification methods, so, comparisons are often difficult. 4. As a common feature, many of the systems described in this survey strive to work with very short sample texts. Hence, one may well note that it is unfair to compare the outcomes of such systems. What are our concerns of this method? Of course as every behavioral method the characteristic may change with time, so this forces the system to learn new correct samples and this is extremely difficult. If sample isn't correct and system learns on it, classification error grows. Another problem is that, according to sentence, that “there is no identical biometric samples”, there is a big problem with classifying correct samples.
  • #13 The combining features of maximum pressure with latency are considerably more effective way to verify the authorized person due to unique typing biometric of each individual. Combining both an Artificial Neural Network (ANN) and Adaptive Neuro-Fuzzy Inference System (ANFIS)-based classifiers has the greatest promising result for improving accuracy in order to verify the authorized user as compared to standalone classifier.